Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/UTHtKXdXZKUz3ydgrdS0gmz93CA.roa
File: UTHtKXdXZKUz3ydgrdS0gmz93CA.roa (raw, json)
Hash identifier: T3avypqUfcdLhch5mQl1H0qsRqtD28B/+uWchDCXGsg=
Subject key identifier: 51:31:ED:29:77:57:64:A5:33:DF:27:60:AD:D4:B4:82:6C:FD:DC:20
Certificate issuer: /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial: 018CC5DD0B00D618E935ABD6CC557F7A6DCF
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/UTHtKXdXZKUz3ydgrdS0gmz93CA.roa
Signing time: Mon 01 Jan 2024 16:30:46 +0000
ROA not before: Mon 01 Jan 2024 16:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8356
IP address blocks: 217.198.48.0/20 maxlen: 24
217.198.56.0/21 maxlen: 24
185.109.124.0/22 maxlen: 24
2001:768::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:0b:00:d6:18:e9:35:ab:d6:cc:55:7f:7a:6d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Validity
Not Before: Jan 1 16:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5131ed29775764a533df2760add4b4826cfddc20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d5:8e:bf:6e:ee:3b:20:26:c0:fe:45:48:e4:
9d:d2:f0:cb:1d:6a:75:6b:21:d4:73:b3:dd:89:da:
ef:1f:05:ce:bb:3f:21:c5:dc:1b:27:f3:99:b6:35:
97:bf:82:c8:92:73:39:9f:cf:ad:a4:db:7a:97:cd:
57:b8:49:0f:c0:45:0e:43:98:94:7d:83:f4:c4:98:
3a:c0:b3:03:9a:ed:cf:ac:26:18:20:c8:fd:99:39:
ee:68:b6:4c:7b:7f:c6:3c:5f:55:40:3e:1a:fc:ae:
9f:f6:05:d3:a7:ac:ba:0d:67:ea:5e:90:3c:19:8a:
95:3f:1a:7a:4e:39:5c:d4:9d:9c:dd:c5:62:71:c3:
90:93:0e:4a:8b:b3:a6:1a:4e:95:90:26:75:3a:25:
1d:3f:a4:fa:fa:0e:f2:60:fa:67:95:78:f9:bb:4f:
2f:bf:25:f2:c5:d0:31:ec:cc:29:15:11:0e:bd:4c:
ac:f9:ed:56:18:68:0c:67:7a:66:f9:92:ca:2c:42:
d3:01:9c:6e:17:5b:fd:67:48:2e:04:14:9a:7b:4b:
e2:9f:ba:1d:e1:b1:7a:05:05:79:40:fb:09:3c:3e:
ab:da:55:db:af:19:04:05:53:00:e4:3c:c4:c6:bf:
f6:7f:c1:35:3e:5d:35:cb:b9:75:34:42:98:d3:71:
6f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:31:ED:29:77:57:64:A5:33:DF:27:60:AD:D4:B4:82:6C:FD:DC:20
X509v3 Authority Key Identifier:
keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/UTHtKXdXZKUz3ydgrdS0gmz93CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.124.0/22
217.198.48.0/20
IPv6:
2001:768::/32
Signature Algorithm: sha256WithRSAEncryption
99:0e:4a:84:4b:fa:ef:8f:e0:7d:bd:aa:b6:cc:5a:72:16:89:
2a:70:19:18:73:66:2c:bb:66:d0:6f:e8:a7:0c:54:ed:22:62:
d7:69:60:92:27:89:dc:20:b7:b2:f3:e6:d1:db:24:da:ce:a6:
3e:81:a5:91:a7:20:b2:39:90:6f:22:cd:58:fd:a9:d1:e7:4f:
b0:f7:8b:78:51:65:79:ed:78:3e:7d:a0:17:98:40:6c:2a:9c:
c6:4e:4d:1c:d6:ee:10:98:07:bf:66:91:d4:f0:1e:1c:23:89:
c3:87:be:d7:78:70:55:bb:7d:36:82:5e:b3:3a:bf:4b:5f:1a:
5d:2a:4c:44:5f:31:9e:9f:f8:ac:aa:23:26:49:2c:fc:e0:9b:
d9:fb:27:81:2b:62:4e:10:c7:a9:3e:24:19:5e:b1:63:63:c8:
aa:53:67:e1:19:e8:6a:e0:d7:b5:d3:25:70:ba:47:12:e8:55:
14:81:4d:b7:c8:db:e6:6a:50:5e:77:b9:1a:dd:ea:4c:5b:7d:
86:d4:9c:60:eb:1e:90:77:ce:3e:d3:21:65:2b:e6:ae:02:1e:
ce:de:03:a1:73:72:f5:3a:a0:12:74:71:5d:e0:18:fd:9e:e1:
05:34:ef:86:a3:bb:06:f1:c1:4e:c1:b9:bf:87:87:9b:04:54:
10:e9:3b:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3QsA1hjpNavWzFV/em3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjQwMTAxMTYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTMxZWQyOTc3NTc2NGE1MzNkZjI3NjBhZGQ0YjQ4MjZjZmRkYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tWOv27uOyAmwP5FSOSd0vDLHWp1
ayHUc7PdidrvHwXOuz8hxdwbJ/OZtjWXv4LIknM5n8+tpNt6l81XuEkPwEUOQ5iU
fYP0xJg6wLMDmu3PrCYYIMj9mTnuaLZMe3/GPF9VQD4a/K6f9gXTp6y6DWfqXpA8
GYqVPxp6Tjlc1J2c3cViccOQkw5Ki7OmGk6VkCZ1OiUdP6T6+g7yYPpnlXj5u08v
vyXyxdAx7MwpFREOvUys+e1WGGgMZ3pm+ZLKLELTAZxuF1v9Z0guBBSae0vin7od
4bF6BQV5QPsJPD6r2lXbrxkEBVMA5DzExr/2f8E1Pl01y7l1NEKY03FvnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFEx7Sl3V2SlM98nYK3UtIJs/dwgMB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvVVRIdEtYZFhaS1V6M3lkZ3JkUzBnbXo5M0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW18AwQE
2cYwMA0EAgACMAcDBQAgAQdoMA0GCSqGSIb3DQEBCwUAA4IBAQCZDkqES/rvj+B9
vaq2zFpyFokqcBkYc2Ysu2bQb+inDFTtImLXaWCSJ4ncILey8+bR2yTazqY+gaWR
pyCyOZBvIs1Y/anR50+w94t4UWV57Xg+faAXmEBsKpzGTk0c1u4QmAe/ZpHU8B4c
I4nDh77XeHBVu302gl6zOr9LXxpdKkxEXzGen/isqiMmSSz84JvZ+yeBK2JOEMep
PiQZXrFjY8iqU2fhGehq4Ne10yVwukcS6FUUgU23yNvmalBed7ka3epMW32G1Jxg
6x6Qd84+0yFlK+auAh7O3gOhc3L1OqASdHFd4Bj9nuEFNO+Go7sG8cFOwbm/h4eb
BFQQ6Ts6
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:47 2024 by rpki-client on console-ams.rpki-client.org